Opera » Opera Browser » 7.0 : Security Vulnerabilities, CVEs, (CSRF)
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
Max CVSS
6.8
EPSS Score
0.16%
Published
2013-02-08
Updated
2013-03-08
1 vulnerabilities found